# Create the RabbitMQ users

- name: setup RabbitMQ
  hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
  user: root
  gather_facts: False

  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - "/srv/private/ansible/vars.yml"
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  tasks:

  - name: Create the RabbitMQ user
    rabbitmq_user:
      user: "messaging-bridge{{ env_suffix }}.fedoraproject.org"
      vhost: /pubsub
      read_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)"
      write_priv: "((a|z)mq\\.topic|amqp_to_zmq|amqp_bridge_verify_missing)"
      configure_priv: "^$"
    tags:
    - config
    - rabbitmq_cluster

- name: setup Queues in RabbitMQ
  hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
  user: root
  gather_facts: False

  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - "/srv/private/ansible/vars.yml"
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:

  - role: rabbit/queue
    username: "amqp_to_zmq"
    queue_name: "amqp_to_zmq"
    routing_keys: "#"
    thresholds:
        warning: 10
        critical: 100
    tags:
    - config
    - rabbitmq_cluster

  - role: rabbit/queue
    username: "amqp_bridge_verify_missing"
    queue_name: "amqp_bridge_verify_missing"
    routing_keys: "#"
    message_ttl: 60000
    thresholds:
        warning: 10
        critical: 100
    tags:
    - config
    - rabbitmq_cluster

- name: setup bindings in RabbitMQ
  hosts: rabbitmq[0]:rabbitmq_stg[0]:rabbitmq01.iad2.fedoraproject.org
  user: root
  gather_facts: False

  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - "/srv/private/ansible/vars.yml"
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  tasks:

  - name: Create the amqp-to-zmq bindings
    rabbitmq_binding:
      name: amq.topic
      destination: amqp_to_zmq
      destination_type: queue
      vhost: /pubsub
      login_user: admin
      login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
    tags:
    - config
    - rabbitmq_cluster

  - name: Create the verify-missing bindings
    rabbitmq_binding:
      name: "{{item}}"
      destination: amqp_bridge_verify_missing
      destination_type: queue
      vhost: /pubsub
      login_user: admin
      login_password: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}"
    with_items:
    - amq.topic
    - zmq.topic
    tags:
    - config
    - rabbitmq_cluster


# Now create the app

- name: make the app be real
  hosts: os_control[0]:os_control_stg[0]
  user: root
  gather_facts: False

  vars_files:
    - /srv/web/infra/ansible/vars/global.yml
    - "/srv/private/ansible/vars.yml"
    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml

  roles:
  - role: openshift/project
    app: messaging-bridges
    description: "ZeroMQ <-> AMQP bridges"
    appowners:
    - abompard
    - pingou
    tags:
      - appowners

  - role: openshift/secret-file
    app: messaging-bridges
    secret_name: fedmsg-key
    key: fedmsg-fedmsg-migration-tools.key
    privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.key"
  - role: openshift/secret-file
    app: messaging-bridges
    secret_name: fedmsg-cert
    key: fedmsg-fedmsg-migration-tools.crt
    privatefile: "fedmsg-certs/keys/fedmsg-migration-tools{{env_suffix}}.fedoraproject.org.crt"

  - role: openshift/secret-file
    app: messaging-bridges
    secret_name: rabbitmq-ca
    key: rabbitmq-ca.crt
    privatefile: "rabbitmq/{{env}}/pki/ca.crt"
  - role: openshift/secret-file
    app: messaging-bridges
    secret_name: rabbitmq-key
    key: rabbitmq-fedmsg-migration-tools.key
    privatefile: "rabbitmq/{{env}}/pki/private/messaging-bridge{{env_suffix}}.fedoraproject.org.key"
  - role: openshift/secret-file
    app: messaging-bridges
    secret_name: rabbitmq-cert
    key: rabbitmq-fedmsg-migration-tools.crt
    privatefile: "rabbitmq/{{env}}/pki/issued/messaging-bridge{{env_suffix}}.fedoraproject.org.crt"

  - role: openshift/object
    app: messaging-bridges
    file: imagestream.yml
    objectname: imagestream.yml
  - role: openshift/object
    app: messaging-bridges
    template: buildconfig.yml
    objectname: buildconfig.yml

  - role: openshift/start-build
    app: messaging-bridges
    buildname: messaging-bridges-build

  - role: openshift/object
    app: messaging-bridges
    template: configmap.yml
    objectname: configmap.yml
  - role: openshift/object
    app: messaging-bridges
    file: service.yml
    objectname: service.yml
  - role: openshift/object
    app: messaging-bridges
    file: deploymentconfig.yml
    objectname: deploymentconfig.yml

  - role: openshift/rollout
    app: messaging-bridges
    dcname: amqp-to-zmq
  - role: openshift/rollout
    app: messaging-bridges
    dcname: zmq-to-amqp
  - role: openshift/rollout
    app: messaging-bridges
    dcname: verify-missing
